ncauth_user.py
1.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
import sqlite3
import hashlib
import tornado.template
import os.path
from ncauth.ncauth_base import ncauth_base
class ncauth_user(ncauth_base):
def get(self):
self.render('login.html')
# self.write('<html><body><form action="/login" method="post" id="login_form">'
# 'Name: <input type="text" name="name" id="username" value="">'
# 'PW: <input class="text-input" id="password" name="password" tabindex="2" type="password" value="">'
# '<input id="signin-btn" class="btn btn-blue" type="submit" value="Sign in">'
# '</form></body></html>')
def post(self):
self.set_secure_cookie("user", self.get_argument("name"))
pw=self.get_argument("password")
username=self.get_argument("name")
salt='xy4$rt'
#hashlib.sha512(pw.encode('utf-8') + salt.encode('utf-8')).hexdigest()
if hashlib.md5(pw.encode('utf-8')).hexdigest() == self.getuserpw(username):
self.set_secure_cookie("user", self.get_argument("name"))
self.set_secure_cookie("incorrect", "0")
self.write("Jo")
self.redirect("/")
else:
self.write("Hello, world"+self.get_argument("name")+' '+self.get_argument("password")+ ' /// '+hashlib.md5(pw.encode('utf-8')).hexdigest() +' vs. '+self.getuserpw(username))
self.set_secure_cookie("incorrect", "1")
self.redirect("/login")
def getuserpw(self,username):
dbpath =os.path.dirname(__file__)+ "/srvcnf.sqlite3"
self.write(dbpath)
# password=self.get_argument("password")
self.write(" - ")
self.db=sqlite3.connect(dbpath)
self.dbcursor=self.db.cursor()
sql = 'Select password from srvusers where username = "'+username+'"'
# password=''
for row in self.dbcursor.execute(sql):
password= row[0] #String.valueOf(c.getInt(c.getColumnIndex("password")));
return password